As CSO of CDK Global LLC, Craig Goodwin has been part of the rollout of a new API platform that he believes will revolutionize automotive purchasing. Goodwin offers his perspective on security's role in application DevOps.

Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.

F5 Networks is a vendor of application security solutions, but its DevSecOps professionals also have the need for actionable threat intelligence, says Preston Hogue, who discusses the advent of new solutions.

Organizations may have great cybersecurity intentions, but translating those desires into a robust security reality is often challenging, says Ratinder Ahuja, CEO of ShieldX Networks. That's why he advocates automation to ensure intention equals reality.

Is your security team blind to the activities in more than half of its IT assets? That was just one of the findings in a new report from 451 Research, based on in-depth interviews with security leaders across 150 large enterprises and focused on the challenges facing their teams. On average, the report found SIEMs...

With 96% of businesses now relying on cloud computing,
including 81% that use multiple cloud environments*, cloud
adoption is no longer a trend but the new normal.
This requires enterprises to place more emphasis on a critical
issue related to cloud computing and storage: how to ensure the
integrity and...

Machine learning systems adapt their behavior on the basis of a feedback loop, so they can overlearn and develop blind spots, which if not understood by practitioners can lead to dangerous situations, says Sam Curry of Cybereason.

CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.

In an exclusive interview, IBM Security GM Mary O'Brien talks with ISMG about her first year in this role, addressing the skills crisis, application security, the cloud and how to defend against cyberattacks.

Given the unsustainability of the status quo, it's a question worth considering.
Technology constantly advances. Businesses now leverage the cloud, mobility, AI, IoT, and blockchain
in ways that were once unthinkable. So no one can credibly claim that the same technologies they used
to empower their business a few...

Is 'Observability' just a disingenuous rebrand of 'monitoring'? Is it monitoring on steroids? Or, is it the new way to find out "why" (and not just "if") your system, IT or application isn't working as expected?
Today we see that traditional monitoring approaches can fall short if a system or an application doesn't...

Security needs to keep pace with the application development life cycle to avoid becoming a roadblock, and automation can play an important role, according to David Meltzer and Lamar Bailey of Tripwire.

Patch or perish, March edition: Microsoft releases fixes for 65 new vulnerabilities, including two that are being exploited in the wild. Also, Adobe issues updates for Photoshop and Digital Editions following a critical fix for a ColdFusion flaw that was being exploited in the wild.